Using ssh agent forwarding with a docker container

Say for some reasons such as deployment needs  you want some docker hosted process to use your local ssh keys without the need to enter a passphrase.

That’s where ssh-agent forwarding comes in handy !

ssh-agent is a program that keeps your keys in memory, the aim here is to share it with the docker container.

Here’s how to set it up on Ubuntu 16 running a Debian Jessie image :

docker run --rm -it --name container_name \
-v $(dirname $SSH_AUTH_SOCK):$(dirname $SSH_AUTH_SOCK) \
-e SSH_AUTH_SOCK=$SSH_AUTH_SOCK my_image

$SSH_AUTH_SOCK contains the path to the file socket used to communicate with agent, here : /run/user/1001/keyring/ssh

So we mount a volume of its directory on the container, that’s what the -v $(dirname $SSH_AUTH_SOCK):$(dirname $SSH_AUTH_SOCK) part does.

The -e SSH_AUTH_SOCK=$SSH_AUTH_SOCK part defines the environment variable on the container.

You may now use your local ssh keys within the container. Enjoy !

 

2 thoughts on “Using ssh agent forwarding with a docker container

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s